@george1421 Thank you for your quick reply.
I am currently trying to get the multicast cloning to work over several vlans as in your instructions.
I am using OPNsense instead of Pfsense. Unicast works without problems, but we have many of the same PCs and so multicast would make sense.
Part 2.7 would be relevant to check that I have not forgotten any ports.
Part 3.1 and 3.2 as I have never worked with an IGMP proxy.
During a short test, everyone stopped before cloning and waited. Would assume it was because of my wrong IGMP configuration as I didn’t see any blocked ports on the firewall.

@Tom-Elliott
Thanks, for all the input.
I’ll see if i can find some sensible solution for my setup.

@Tom-Elliott Is there a way to check the synchronization status of the storage nodes with the master node on the webpage?

@Sebastian-Roth Thanks. Worked like a charm. Went from ~250Gb image down to ~9Gb.

@Eliza In the FOG web user interface. In the FOG menu FOG Configuration and then along the left menu Select Kernel update.

@introloud said in Configure FOG Server's DHCP service?:

I’m gonna try both unicast and multicast to a couple of machines first but I doubt that it’d be any different since it’s on a simple network right now.

This is simple and complex to explain. But a unicast image is sending an image form the fog server to a single target computer. Lets say for example that take 50MB/s of network bandwidth. If you start up a second unicast deployment to a second target computer that will take another 50MB/s of network bandwidth. Now lets add a third simultaneous unicast deployment, Now you are sitting at 150MB/s of network bandwidth usage and 1GbE only has 125MB of available bandwidth, so you will get collisions and throughput slowdowns.

Now lets say you setup a multicast session with those 3 same computers. The image is now being sent out as a multicast. You can have as many receivers as you want, because only one image is being sent out you only consume 50MB/s of network bandwidth. If a receiver is late to the stream, they simply miss the stream and will not be imaged during that streaming session. Using a multicast streaming method you can image 30 computers in about the time it take to image 2 computers using unicasting.

They will be in the same VLAN but probably may have different subnet masks

Strictly speaking you would normally have only one subnet mask per VLAN unless you are doing supernetting for some reason.

imaging task to multiple machines, and have them reboot to get into network boot

Typically you would configure the computers to boot through PXE then boot to the hard drive. That way if FOG had any actions for the computer it could do it while the fog menu is displayed. If there were no jobs then it would just boot the hard drive. You would have the FOG client installed on the target computer so when the schedule task starts the target computer would be instructed to reboot via the fog client program.

Hello,
You can also have a look at this topic :
https://forums.fogproject.org/topic/16876/dual-boot-grub-issue-after-deploying?_=1696487644593

@jptechnical If the laptop is in uefi mode there is a way to boot from a usb drive: https://forums.fogproject.org/topic/6350/usb-boot-uefi-client-into-fog-menu-easy-way

There are other options but try the easy way first.

@george1421 @Tom-Elliott
Luckily I could schedule a meeting with my System-Admin today, and he tried turning off the serving of the WDS boot file - seems in the configuration of option 66 and 67 of our companies DHCP server was an old Windows Server that served a meaningless WDS file, we changed it to my FOG Server and the issue is now solved.

I am very thankful for your first-class support and I apologize for the inconvenience! You guys are my heroes!

@george1421 Yes it is. Both, the fog server and the host device, are in VirtualBox - and i get the error message.
But tbh if the problem doesn’t show up when deploying the whole system in my network, i can live with the error occurring in VB.

If it’s true that this only happens in VB and not on the actual network (and then Toms solution works), then this issue is resolved for me.

@Sebastian-Roth Sadly I have not actually done this.
I believe that it is possible and @tom-elliott may have some insight on accessing the api over https. I believe he has some forum posts elsewhere discussing it. I think there may be some fog server side configuration needed to enable https api. For sure you need to have the root CA certificate that issued your fog server web certificate trusted on the machine issuing the commands. In theory that should be all there is to it, but I haven’t done a ton of testing on it, and while it’s on my to-do list, it’s a bit far down the list. Not to say SSL/TLS isn’t very important even behind a firewall, I just haven’t got there yet.

@glequeau In theory, if you can get all the certificates trusted correctly and can access a fog api url in a browser over https, then it should work for the powershell commands as well. That’s how it typically works with powershell and api commands.

That was long, here’s a short version:

Go to your https fog site view the certificate being used and view the trust chain Download the root and any intermediate CA certificates Install them on your machine as trusted root ca certs Try the api commands again with the https url set

If that doesn’t work, then we just have more development needed on https api commands

You could also try editing your locally installed version of the fogapi module. Specifically the invoke-fogapi command (probably at C:\program files\windowspowershell\modules\fogapi\2303.5.33\fogapi.psm1) then search for that command in the compiled version of the file.

You would add the -SkipCertificateCheck switch to all calls to invoke-restmethod and invoke-webrequest which would bypass that error and still use the ssl connection, but ignore errors about untrusted certificates

Thanks for the advice. Ran into a speed bump along the way. When I was doing step 3 I got an error about PHP 7.4. I upgraded to PHP8.1 and then was able to install the upgrade for Fog. After that I did the Ubuntu upgrade and the system didn’t come up so I followed your advice and re-installed Fog and I am up and running!

Thanks a lot @rodluz !

I took your script and adapted it. I use it directly on my FOG server, which simplifies things a bit. I also changed the mail to a notification sent to my smartphone with ntfy, which I find easy to use.

I also mounted my NAS share in NFS directly on /mnt/FOGBackups.

Here’s my script:

#!/bin/bash fogServerAddress="172.X.Y.Z" # Change to actual FOG server address backupDate=$(date +"%Y%m%d") backupDir="/mnt/FOGBackups/$backupDate" backupDirImages="/mnt/FOGBackups/images" snapinLocation="/opt/fog/snapins" reportLocation="/var/www/fog/lib/reports" imageLocation="/images" failedBackupDB=0 failedBackupSnapins=0 failedBackupReports=0 failedBackupImages=0 [[ ! -d $backupDir ]] && mkdir -p $backupDir/{mysql,snapins,reports,logs} >/dev/null 2>&1 [[ ! -d $backupDir/mysql || $backupDir/snapins || $backupDir/reports || $backupDir/logs ]] && mkdir -p $backupDir/{mysql,snapins,reports,logs} >/dev/null 2>&1 backupDB() { wget --no-check-certificate --post-data="nojson=1" -O $backupDir/mysql/fog.sql "http://$fogServerAddress/fog/management/export.php?type=sql" 2>>$backupDir/logs/error.log 1>>$backupDir/logs/progress.log 2>&1 stat=$? if [[ ! $stat -eq 0 ]]; then echo "Failed to backup database!" failedBackupDB=1 else echo "Database backed up." fi } backupSnapins() { cp -r $snapinLocation $backupDir/snapins/ 2>>$backupDir/logs/error.log 1>>$backupDir/logs/progress.log 2>&1 stat=$? if [[ ! $stat -eq 0 ]]; then echo "Failed to backup snapins!" failedBackupSnapins=1 else echo "Snapins backed up." fi } backupReports() { cp -r $reportLocation $backupDir/reports/ 2>>$backupDir/logs/error.log 1>>$backupDir/logs/progress.log 2>&1 stat=$? if [[ ! $stat -eq 0 ]]; then echo "Failed to backup reports!" failedBackupReports=1 else echo "Reports backed up." fi } backupImages() { rsync -auv $imageLocation $backupDirImages 2>>$backupDir/logs/error.log 1>>$backupDir/logs/progress.log 2>&1 stat=$? if [[ ! $stat -eq 0 ]]; then echo "Failed to backup images!" failedBackupImages=1 else echo "Images backed up." fi } checkForFailures() { echo "Running checkForFailures()" if [[ $failedBackupDB -eq 1 ]]; then message="$message \nFailed to backup database." fi if [[ $failedBackupSnapins -eq 1 ]]; then message="$message \nFailed to backup snapins." fi if [[ $failedBackupReports -eq 1 ]]; then message="$message \nFailed to backup reports." fi if [[ $failedBackupImages -eq 1 ]]; then message="$message \nFailed to backup images." fi } sendNotif() { echo "Running sendNotif()" if [[ ! -z $message ]]; then { curl -d "FOG Backup Failed\n $message" ntfy.sh/XYZATEHFJICH } else curl -d "FOG Backup Successful!" ntfy.sh/XYZATEHFJICH fi } backupDB backupSnapins backupReports backupImages checkForFailures sendNotif

@Trep76470 A windows dhcp server should work just fine. Is it OK to guess that your fog server is at ip address 192.168.21.220?

The error message you first posted usually indicate a bios computer booting, but I don’t know leovo computers pxe boot process. Typically uefi computers would mention NBF.

Are the pxe booting computers, dhcp server, and FOG server on the same IP subnet? If yes then we can use tcpdump running on the FOG server to capture what is actually flowing down the wire.

Some things to check on your dhcp server.

Make sure it is responding to both dhcp and bootp requests. Both bits of information need to be in the dhcp OFFER packet. If you have redundant dhcp servers, make sure you configure dhcp options 66 and 67 on both servers. Microsoft’s HA for dhcp does not copy over these settings.

If you can not find the solution then I have a tutorial here: https://forums.fogproject.org/topic/9673/when-dhcp-pxe-booting-process-goes-bad-and-you-have-no-clue

Look at the results with wireshark, specifically the OFFER packet. Look to see what dhcp servers are responding to the offer packet. Then in the offer packet look at the ethernet header. You are interested in the next-server and boot-file fields. They need to be populated and match the dhcp options 66 and 67 under the dhcp options section. If you can not understand what you see in the pcap file, then upload it to a file share site and then either post the link here or DM me using fog chat the url and I will look at it.

hey guys
Is it possible that the Subnet Group Management plugin automatically places a location on a new host that was done through quick registration and inventory using the subnet that this host is on?